Security

Security | News, how-tos, features, reviews, and videos

mobile purchase transaction
things to do sign list deadlines

Black Hat 2015

The CSO guide to top security conferences, 2019

CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

woman leader career growth equality diversity

7 keys to a successful IT security career

Learn these traits and realities of being an IT security professional if you want a long, successful and happy career in the field.

android anti virus security

Best Android antivirus? The top 11 tools

There are plenty of antivirus tools for Android. Here's how the top 11 measure up in protection, usability and features.

cloud security data breach crime accessible

SoftNAS Cloud 0day found: Upgrade ASAP

SoftNAS Cloud users should upgrade immediately following a report by Digital Defense that the virtual cloud appliance is vulnerable to a session management security issue.

malvertising malware hacked ads advertising online

What is malvertising? And how to protect against it

Malvertising, the practice of sprinkling malicious code to legitimate-looking ads, affects both small and large websites. Protecting against it is harder than it seems.

security audit - risk assessment - network analysis

How to audit Windows Task Scheduler for cyber-attack activity

Two recently discovered Windows zero-day attacks underscore the importance of monitoring for unauthorized tasks.

cssg 015 enable auditing
video

How to audit Windows Task Scheduler to detect attacks

Learn how to prevent attackers from using Task Scheduler to hide and set up tasks to access Windows systems.

vulnerable gdpr breach security cyber attack

Does GDPR compliance reduce breach risk?

A new report from Cisco suggests that GDPR compliance reduces data breach impact. Incident response, legal and security experts agree but caution not to rely on compliance alone.

risk assessment - safety analysis - security audit

Cyber risk management challenges are impacting the business

Organizations struggle with continuous monitoring, tracking the threat landscape, identifying sensitive data flows, and communication between cybersecurity and business executives.

office meeting / silhouettes with devices and data in the foreground

12 tips for effectively presenting cybersecurity to the board

Don't let your board presentation miss the mark. Follow these best practices and common mistakes to avoid when communicating cybersecurity risk to the board.

network security digital internet firewall binary code

Ransomware attack drives city to seek greater network visibility

After being hit with the Cryptolocker ransomware, the City of Westland realized it needed more insight into network traffic, not just at the perimeter.

binary code

3 ways to monitor encrypted network traffic for malicious activity

Ubiquitous encryption of network traffic prevents you from performing deep packet inspection, but you can still detect and prevent a lot of attacks.

boxes box idea outside the box it as a product surprise unique masterzphotois getty

Self-sovereign identity: 3 key questions

SSI is on the extreme end of the digital identity spectrum. Its focus is putting control back in the hands of you, the user. But SSI is not the only way to skin a cat.

jobs collaboration careers network

Security executives on the move and in the news

Find up-to-date news of CSO, CISO and other senior security executive appointments.

2 industrial iot utility nuclear plant power plant

Congress steers clear of industrial control systems cybersecurity

Industry resistance to regulation, complexity of securing ICS systems are roadblocks to passage of critical infrastructure cybersecurity legislation.

crowd blur people walking conference group diverse crowd

My two favorite companies from RSA Conference 2019

The Media Trust offers website owners a way to detect malicious code coming from third parties, and DarkOwl scans the dark web for signs that a company has been compromised.

Microsoft Windows update arrows on laptop and mobile phone

Windows security updates that require new registry keys

Don't assume automated Windows security updates are complete. You might need to add registry keys manually. Here are a few to check now.

pressure water line pipes pipeline deliver

City of Raleigh implements ICS monitoring tool for water treatment plants

Securing operational technology systems is a different game than IT, but the City of Raleigh has deployed a CSO50 award-winning network monitoring solution that gives them greater visibility into its PLCs.

Load More